High Performance, Robust and Secure Group Communication

About us
Technology Transfer
Secure Spread

Quarterly Technical Report, October 2000


During the past three months we designed a robust contributory key agreement protocol based on Group Diffie Helman CLIQUES and proved its correctness. This algorithm will be implemented in the Secure Spread Version 1 system. We also finalized the version of Secure Spread Version 0.

We continued the design and development of a many-to-many flow control algorithm for wide area multicast. We have done some validation experiments using ns as well as some preliminary actual experiments using the CAIRN network. This work is continuing.

We have started to define the necessary services for practical secure group comunication in particular and for overlay networks in general. We look beyond the key agreement protocols into authentication and access control. This work is now shaping up.


Exploring Robusteness in Group Key Agreement
ps, ps.gz, pdf. Technical Report CNDS-2000-4.

Yair Amir, Yongdae Kim, Cristina Nita-Rotaru, John Schultz, Jonathan Stanton, and Gene Tsudik

In this paper we present two robust contributory key agreement protocols which are resilient to any sequence of events while preserving the group communication membership and ordering guarantees.

The Cost of Adding Security Services to Group Communication Systems
ps, ps.gz, pdf. Technical Report CNDS-2000-3.

Cristina Nita-Rotaru

In this paper we present Secure Spread, a secure version of the Spread Toolkit. Secure Spread is a group communication system that utilizes contributory group key management developed by the Cliques project and Blowfish symmetric encryption algorithm.


We have released Spread 3.13 in August. The main new features of this version included:
  • Scalability improvements in the number of groups in the system. The lightweight group management is now using probablistic algorithms that reduce group lookups to complexity of o(log(n)) down from o(n). This allows us to support tens of thousands of groups without noticable performance penalty. Our system is still limited to about 1000 groups due to state transfer implementation limitation.
  • Performance improvements for small messages (by a factor of 4 or so).
  • A new configuration format that allows improved run time configuration.
Although we did not release Secure Spread Version 0 during this quarter, it is worthwhile to mention that the system is ready to be released pending some licensing issues. We plan to release it during November 2000, according to planed schedule.

Technology Transfer:

We know of one Dynamic Coaltions project that already uses our software: This is the Efficient and Scalable Infrastructure Support project done at Johns Hopkins and Brown, which aims to provide scalable certification service.

Plans for Next Quarter:

  • The release of Secure Spread Version 0 in November.
  • Continued testing and evaluation of Secure Spread Version 1.
  • Investigating practical authentication and access control for group communication in particular and overlay networks in general.
  • Continued research into high performance wide area group communication.

Questions or comments to:
webmaster (at) dsn.jhu.edu
TEL: (410) 516-5562
FAX: (410) 516-6134
Distributed Systems and Networks Lab
Computer Science Department
Johns Hopkins University
3400 N. Charles Street Baltimore, MD 21218-2686